From: Clark Williams <williams@redhat.com>
To: ebiederm@xmission.com (Eric W. Biederman)
Cc: Josh Boyer <jwboyer@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Al Viro <viro@zeniv.linux.org.uk>, Mel Gorman <mgorman@suse.de>,
linux-kernel@vger.kernel.org
Subject: Re: Odd ENOMEM being returned in 3.8-rcX
Date: Fri, 8 Feb 2013 16:56:37 -0600 [thread overview]
Message-ID: <20130208165637.795a0859@riff.lan> (raw)
In-Reply-To: <874nhmpgz6.fsf@xmission.com>
[-- Attachment #1: Type: text/plain, Size: 1317 bytes --]
On Fri, 08 Feb 2013 14:40:13 -0800
ebiederm@xmission.com (Eric W. Biederman) wrote:
> Clark Williams <williams@redhat.com> writes:
>
> > The more I look at that the more I think I should nuke CLONE_NEWPID in
> > mock. It came in with a commit that added NEWIPC, which I think is valid
> > for mock managing a chroot, but we're not looking to do full-up
> > containers at this point and it looks like containers is the only place
> > you'd want to start a new set of pids.
>
> Just taking the code out seems reasonable. Howerver there is a
> practical use for a pid namespace in a setup like mock. A pid namespace
> makes it so your sub processes can not reparent and get away from you,
> which could be handy in case someone starts a system daemon in a post
> install script.
>
Ok, I *think* I'm up to speed now (I'm old and slow so gimme a break).
Unsharing pidns only works after your commit in 3.8; that's why my
unshare was always failing. Does it make sense for me to make an
additional unshare() call with just NEWPID as an argument? That is,
call unshare with the NEWNS, NEWIPC, and NEWUTS flags, then when that
succeeds, try NEWPID. If the NEWPID call succeeds, do:
pid = os.fork()
if pid:
os.waitpid(pid, 0)
So that the child continues on?
Clark
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2013-02-08 22:57 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-07 21:57 Odd ENOMEM being returned in 3.8-rcX Josh Boyer
2013-02-07 22:15 ` Andrew Morton
2013-02-08 0:35 ` Josh Boyer
2013-02-08 18:19 ` Josh Boyer
2013-02-08 20:13 ` Eric W. Biederman
2013-02-08 20:23 ` Josh Boyer
2013-02-08 20:45 ` Eric W. Biederman
2013-02-08 21:27 ` Josh Boyer
2013-02-08 22:05 ` Eric W. Biederman
2013-02-08 22:40 ` Clark Williams
2013-02-08 22:10 ` Clark Williams
2013-02-08 22:40 ` Eric W. Biederman
2013-02-08 22:56 ` Clark Williams [this message]
2013-02-08 22:12 ` Josh Boyer
2013-02-11 23:57 ` Andrew Morton
2013-02-12 10:34 ` Eric W. Biederman
2013-02-08 20:18 ` Josh Boyer
2013-02-08 20:36 ` Eric W. Biederman
2013-02-08 20:40 ` Josh Boyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130208165637.795a0859@riff.lan \
--to=williams@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=ebiederm@xmission.com \
--cc=jwboyer@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@suse.de \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox